hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

1848 Commits

Author SHA1 Message Date
Jeroen Ketema
7834626e26 C++: Rewrite cpp/tainted-permissions-check to not use DefaultTaintTracking 2023-11-23 14:52:53 +01:00
Jeroen Ketema
1fbe23228e C++: Update test to reflect updated test results 2023-11-22 16:49:13 +01:00
Jeroen Ketema
bb1945f899 C++: Rewrite cpp/tainted-format-string away from DefaultTaintTracking 2023-11-22 16:49:13 +01:00
Mathias Vorreiter Pedersen
640e2f56d5 C++: Accept test changes. 2023-11-22 15:43:24 +00:00
Mathias Vorreiter Pedersen
a80dbc5200 C++: Accept test changes. 2023-11-21 17:50:11 +00:00
Mathias Vorreiter Pedersen
a10f94af81 Merge pull request #14810 from MathiasVP/fix-ref-deref-duplication 
C++: Fix dataflow duplication from `ReferenceDereference` expressions
 2023-11-16 16:10:07 +00:00
Mathias Vorreiter Pedersen
c5d2866948 Merge pull request #14812 from MathiasVP/no-dtt-in-Integer-overflow-tainted 
C++: Convert `cpp/integer-overflow-tainted` away from DefaultTaintTracking
 2023-11-16 15:24:13 +00:00
Mathias Vorreiter Pedersen
da2215e7e5 C++: Accept test changes. 2023-11-16 13:54:13 +00:00
Mathias Vorreiter Pedersen
30f0b8ab2b Merge pull request #14808 from jketema/jketema/del-fmt-global 
C++: Delete `cpp/tainted-format-string-through-global`
 2023-11-16 13:44:21 +00:00
Mathias Vorreiter Pedersen
5a7cb8f25a C++: Fix duplication on reference dereference expressions. 2023-11-16 10:52:35 +00:00
Jeroen Ketema
afe318edbe C++: Delete cpp/tainted-format-string-through-global 2023-11-16 10:52:05 +01:00
Mathias Vorreiter Pedersen
4d4ca6b948 Merge pull request #14794 from MathiasVP/catch-more-return-stack-allocated-memory 
C++: Catch more returns of stack-allocated memory
 2023-11-15 19:23:24 +00:00
Jeroen Ketema
46e6e72593 C++: Address review comments 2023-11-15 14:57:53 +01:00
Jeroen Ketema
92c18960c5 C++: Rewrite cpp/uncontrolled-process-operation to not use DefaultTaintTracking 2023-11-15 14:57:53 +01:00
Mathias Vorreiter Pedersen
2b8b5cf1b8 C++: Accept test changes. 2023-11-15 11:52:14 +00:00
Mathias Vorreiter Pedersen
118d50236f C++: Add failing tests. 2023-11-15 11:48:37 +00:00
Mathias Vorreiter Pedersen
1623bba18a Merge branch 'main' into no-dtt-in-tainted-arithmetic 2023-11-14 13:35:15 +00:00
Mathias Vorreiter Pedersen
c950e26b3e C++: Rewrite 'cpp/cpp/tainted-arithmetic' away from DefaultTaintTracking. 2023-11-14 12:19:12 +00:00
Mathias Vorreiter Pedersen
967bbbc1a7 C++: Block flow out of sinks that are qualifiers. This removes the new result duplication and keeps the new result. 2023-11-14 09:29:47 +00:00
Mathias Vorreiter Pedersen
c73e6f1fa8 C++: Accept more test changes. 2023-11-13 16:51:07 +00:00
Mathias Vorreiter Pedersen
9aafbfce13 C++: Fix test annotation. 2023-11-13 16:17:18 +00:00
Mathias Vorreiter Pedersen
cc6268339b C++: Fix failing test and accept test cases. 2023-11-13 15:57:22 +00:00
Mathias Vorreiter Pedersen
834b07e6ad C++: Add failing tests. 2023-11-13 15:54:41 +00:00
Mathias Vorreiter Pedersen
eb263e747f C++: Make sure the test terminates. 2023-11-13 15:25:48 +00:00
Mathias Vorreiter Pedersen
bc576f658e C++: Add a test that fails because of a non-terminating test that dominates this one. 2023-11-13 15:24:56 +00:00
Mathias Vorreiter Pedersen
18c0bcec0b Merge pull request #14669 from MathiasVP/no-dtt-in-unbounded-write 
C++: Rewrite `cpp/unbounded-write` away from `DefaultTaintTracking`
 2023-11-10 15:08:42 +00:00
Jeroen Ketema
ba51b65d84 C++: Fix hasRemoteFlowSource for fgets 
Also add the test that exposed this. Note that the test would only have started
failing after `cpp/uncontrolled-process-operation` with the rewrite of the
query away from default taint tracking, which has not happened yet.
 2023-11-10 11:56:23 +01:00
Mathias Vorreiter Pedersen
38bd893c81 Merge branch 'main' into no-dtt-in-unbounded-write 2023-11-08 15:06:59 +00:00
Mathias Vorreiter Pedersen
e90803a81c C++: Rewrite 'cpp/unbounded-write' away from DefaultTaintTracking. 2023-11-08 14:57:04 +00:00
Mathias Vorreiter Pedersen
ab64d9a9d6 Merge pull request #14713 from MathiasVP/no-gvn-as-ssa-in-range-analysis 
C++: Don't use GVN as SSAVariable in new range analysis
 2023-11-08 09:28:15 +00:00
Mathias Vorreiter Pedersen
a8eed6bd7e Merge pull request #14704 from MathiasVP/fix-uninitialized-local 
C++: IR'ify `cpp/uninitialized-local` and fix FPs
 2023-11-07 22:45:34 +00:00
Mathias Vorreiter Pedersen
69502d0c31 C++: Add some more tests. 2023-11-07 17:31:01 +00:00
Mathias Vorreiter Pedersen
2d43eec3c3 C++: Accept test changes. 2023-11-07 14:57:30 +00:00
Mathias Vorreiter Pedersen
022c9eb3cd C++: Add a barrier feature to 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
6bf2d47321 C++: Allow source = sink in 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
1dc08941f8 C++: Use 'MustFlow' in 'cpp/uninitialized-local'. 2023-11-07 09:23:41 +00:00
Mathias Vorreiter Pedersen
4455ed982d C++: Accept query test changes. 2023-11-06 17:33:46 +00:00
Mathias Vorreiter Pedersen
679d64f0e8 Merge pull request #14647 from microsoft/24-odbc-model-instantiation-upstream2 
C++: Adding a model implementation for ODBC.
 2023-11-02 19:42:27 +00:00
Benjamin Rodes
947e0274c7 Adding sql injection test for ODBC. 2023-11-02 13:27:42 -04:00
Mathias Vorreiter Pedersen
b54b5ae0a9 Merge pull request #14648 from MathiasVP/simplify-invalid-ptr-deref 
C++: Remove one use of range analysis in `cpp/invalid-pointer-deref`
 2023-11-01 14:42:20 +00:00
Mathias Vorreiter Pedersen
b79a5fee14 Merge pull request #14637 from MathiasVP/dataflow-for-realloc 
C++: Add a taint model for `realloc`
 2023-10-31 18:24:04 +01:00
Mathias Vorreiter Pedersen
377da9fa66 C++: Accept test changes. 2023-10-31 11:18:35 +00:00
Mathias Vorreiter Pedersen
e8c18a3883 C++: Add FP in query test. 2023-10-31 11:17:51 +00:00
Mathias Vorreiter Pedersen
c8edf3151b C++: Remove the use of range analysis in 'invalidPointerToDerefSource'. 2023-10-30 15:47:47 +00:00
Mathias Vorreiter Pedersen
b4958e7d58 C++: Accept path changes. 2023-10-30 12:44:30 +00:00
Alex Eyers-Taylor
26b0363707 CPP: Add test demonstrating use-after-free false negatives. 2023-10-23 17:01:52 +01:00
Mathias Vorreiter Pedersen
0ab159f803 Merge pull request #14135 from github/sashabu/frontend-update 
C++: Update for changes in frontend.
 2023-10-19 11:40:24 +01:00
Jeroen Ketema
7e71d9e619 C++: Update expected test results after outputting less loads from the extractor 2023-10-19 10:45:14 +02:00
Jeroen Ketema
23c6027386 C++: Update expected test changes after frontend update 2023-10-19 10:45:13 +02:00
Mathias Vorreiter Pedersen
d8a049f5cc C++: Accept test changes. 2023-10-16 10:51:47 +01:00